Thanks pablito on this. This maybe one of my option since certificates has private keys.
However, I tried to export a selfsignedcert and used it during publishing but to no avail.
I keep on receiving chain validation failed error and a NU3018: The certificate is not valid for the requested usage. in logs.
I have modified the nuget.config too by adding the author.
I’ve checked here in community but no discussion on this yet.
Edit. Should this work, the concern is the user may edit the current published xaml file using notepad still, am i wrong? This only prevents the next untrusted publish or updates, or do i miss something?